Ivanti - The Stack

Gird your loins, there’s a new pre-auth RCE in Ivanti boxes landing

"Code execution in 0 seconds (3 seconds to be more accurate), no limitation, no authentication..."

Edward Targett May 02, 2024

MITRE attack strikes a NERVE after Ivanti to VMware pivot

"We did not detect… lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient.”

The Stack April 21, 2024

13,000 unpatched Ivanti appliances exposed as attacks escalate, firmware analysis shocks users.

vulnerabiities

News

cybersecurity

13,000 unpatched Ivanti appliances exposed as attacks escalate, firmware analysis shocks users.

“Security” product shipped with a 13-year-old, unsupported base OS and software libraries with 973 vulnerabilities; 111 of which have publicly known exploits available.

Edward Targett February 16, 2024

News

NCSC

vulnerability management

NCSC vuln management guide details why to update by default - and why not to

Business should own the risk - not the security team

Joe Fay February 12, 2024

Ivanti 0day fest continues with fresh bugs, attacks, as CISA tells federal agencies "just disconnect"

vulnerabilities

News

Ivanti 0day fest continues with fresh bugs, attacks, as CISA tells federal agencies "just disconnect"

"Threat actors have recently developed workarounds to current mitigations and detection methods and have been able to exploit weaknesses, move laterally, and escalate privileges without detection..."

Edward Targett February 02, 2024

Ivanti VPN appliance exploitation now happening at scale

Ivanti VPN appliance exploitation now happening at scale

VPN appliances "all appear to have been constructed with the code equivalent of string, stamped with the word ‘secure’ and then just left to decay for 20 years..."

The Stack January 16, 2024

Pre-auth RCE zero days in Ivanti VPNs are being exploited by a Chinese APT and there won’t be a patch for weeks. Buckle up.

vulnerabilities

Cybersecurity

News

Pre-auth RCE zero days in Ivanti VPNs are being exploited by a Chinese APT and there won’t be a patch for weeks. Buckle up.

Attackers re-write JavaScript loaded by the VPN login page for the Appliance to capture credentials; also grabbed Veeam credentials, moved laterally for full SYSTEM control.

Edward Targett January 10, 2024

MobileIron under active attack, admins warned to update

News

vulnerabilities

cybersecurity

MobileIron under active attack, admins warned to update

Ivanti is warning of attacks on its MobileIron platform due to improper handling of APIs

Shaun Nichols August 22, 2023

Gird your loins, there’s a new pre-auth RCE in Ivanti boxes landing

MITRE attack strikes a NERVE after Ivanti to VMware pivot

13,000 unpatched Ivanti appliances exposed as attacks escalate, firmware analysis shocks users.

NCSC vuln management guide details why to update by default - and why not to

Ivanti 0day fest continues with fresh bugs, attacks, as CISA tells federal agencies "just disconnect"

Ivanti VPN appliance exploitation now happening at scale

Pre-auth RCE zero days in Ivanti VPNs are being exploited by a Chinese APT and there won’t be a patch for weeks. Buckle up.

MobileIron under active attack, admins warned to update